From cd9d05c31ac779512aee20101edba9a2dbeed660 Mon Sep 17 00:00:00 2001
From: Pascal Bleser
Date: Wed, 4 Jun 2025 12:16:26 +0200
Subject: [PATCH] fix Stalwart LDAP configuration
---
 .../opencloud_full/config/stalwart/config.toml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/devtools/deployments/opencloud_full/config/stalwart/config.toml b/devtools/deployments/opencloud_full/config/stalwart/config.toml
index 76e82f412..0441b5d50 100644
--- a/devtools/deployments/opencloud_full/config/stalwart/config.toml
+++ b/devtools/deployments/opencloud_full/config/stalwart/config.toml
@@ -13,7 +13,7 @@ directory.keycloak.fields.username = "preferred_username"
 directory.keycloak.timeout = "15s"
 directory.keycloak.type = "oidc"
 directory.ldap.attributes.class = "objectClass"
-directory.ldap.attributes.description = "name"
+directory.ldap.attributes.description = "displayName"
 directory.ldap.attributes.email = "mail"
 directory.ldap.attributes.email-alias = "mailAlias"
 directory.ldap.attributes.groups = "memberOf"
@@ -21,15 +21,15 @@ directory.ldap.attributes.name = "uid"
 directory.ldap.attributes.secret = "userPassword"
 directory.ldap.attributes.secret-changed = "pwdChangedTime"
 directory.ldap.base-dn = "dc=opencloud,dc=eu"
-directory.ldap.bind.auth.dn = "uid=?,ou=users,dc=opencloud,dc=eu"
+directory.ldap.bind.auth.dn = "cn=?,ou=users,dc=opencloud,dc=eu"
 directory.ldap.bind.auth.enable = true
 directory.ldap.bind.auth.search = true
 directory.ldap.bind.dn = "cn=admin,dc=opencloud,dc=eu"
 directory.ldap.bind.secret = "admin"
 directory.ldap.cache.ttl.negative = "10m"
 directory.ldap.cache.ttl.positive = "1h"
-directory.ldap.filter.email = "(&(|(objectClass=posixAccount)(objectClass=posixGroup))(|(mail=?)(mailAlias=?)(mailList=?)))"
-directory.ldap.filter.name = "(&(|(objectClass=posixAccount)(objectClass=posixGroup))(uid=?))"
+directory.ldap.filter.email = "(&(|(objectClass=person)(objectClass=groupOfNames))(|(uid=?)(mail=?)(mailAlias=?)(cn=?)))"
+directory.ldap.filter.name = "(&(|(objectClass=person)(objectClass=groupOfNames))(|(uid=?)(cn=?)))"
 directory.ldap.timeout = "5s"
 directory.ldap.tls.allow-invalid-certs = true
 directory.ldap.tls.enable = true
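Review bot: The new `directory.ldap.filter.name` matches on either `uid` or `cn` for persons and groups alike, so a login name can resolve to an entry whose `cn` happens to equal another account's `uid`; `cn` is not guaranteed unique and is user-editable in many directories, though this file shows neither. The new `directory.ldap.filter.email` has the same problem: it now also matches `uid` and `cn` and no longer matches `mailList`, so an address lookup can be satisfied by a non-mail attribute. If the `cn` match is only needed for groups, scoping it per class keeps lookups unambiguous, e.g. `(|(&(objectClass=person)(uid=?))(&(objectClass=groupOfNames)(cn=?)))`. `directory.ldap.bind.auth.dn` now builds the DN from `cn` while the hunk header context still maps `directory.ldap.attributes.name` to `uid`, so a comment should state which attribute is the login identifier here. The unchanged lines around the change keep `directory.ldap.bind.secret = "admin"` and `directory.ldap.tls.allow-invalid-certs = true`, and with bind authentication enabled user passwords travel over that unverified TLS session, which deserves a comment marking it as acceptable only for this devtools deployment.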